nerdexam
Broadcom-VMware

2V0-41.23 · Question #10

2V0-41.23 Question #10: Real Exam Question with Answer & Explanation

The correct answer is B. Group all by means of tags membership.. This can be done by creating tags for each tier, such as WKS-WEB-SRV, WKY-APP-SRR, and WKI-DB-SRR, and then applying those tags to the corresponding virtual machines. Once the virtual machines have been tagged, you can create security policies that target the tags. For example, y

Question

A company is deploying NSX micro-segmentation in their vSphere environment to secure a simple application composed of web, app, and database tiers. The naming convention will be: WKS-WEB-SRV-XXX WKY-APP-SRR-XXX WKI-DB-SRR-XXX What is the optimal way to group them to enforce security policies from NSX?

Options

  • AUse Edge as a firewall between tiers.
  • BGroup all by means of tags membership.
  • CCreate an Ethernet based security policy.
  • DDo a service insertion to accomplish the task.

Explanation

This can be done by creating tags for each tier, such as WKS-WEB-SRV, WKY-APP-SRR, and WKI-DB-SRR, and then applying those tags to the corresponding virtual machines. Once the virtual machines have been tagged, you can create security policies that target the tags. For example, you could create a policy that allows traffic from the WKS-WEB-SRV tag to the WKY-APP-SRR tag, but blocks traffic from the WKY-APP-SRR tag to the WKI-DB-SRR tag. This approach is scalable and flexible, and it allows you to easily enforce security policies across multiple applications.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 2V0-41.23 Practice